feat: nuke-and-rebuild.sh — one-command fleet reset

Two scripts: - nuke-and-rebuild.sh: docker down -v, clean orphans, rebuild, setup - post-rebuild-setup.sh: insert global secrets (MiniMax + GH PAT), import org template, wait for platform health Global secrets ensure every provisioned container gets MiniMax API config and GitHub PAT injected as env vars automatically — no manual settings.json deployment needed. Usage: bash scripts/nuke-and-rebuild.sh Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-20 12:53:16 -07:00 · 2026-04-20 12:53:16 -07:00 · f9971306d6
commit f9971306d6
parent 40e524dea5
2 changed files with 62 additions and 0 deletions
--- a/scripts/nuke-and-rebuild.sh
+++ b/scripts/nuke-and-rebuild.sh
@ -0,0 +1,18 @@
+#!/bin/bash
+# Full nuke + rebuild — one command to reset everything
+# Usage: bash scripts/nuke-and-rebuild.sh
+set -euo pipefail
+
+echo "=== NUKE ==="
+docker compose down -v 2>/dev/null || true
+docker ps -a --format "{{.Names}}" | grep "^ws-" | xargs -r docker rm -f 2>/dev/null || true
+docker volume ls --format "{{.Name}}" | grep "^ws-" | xargs -r docker volume rm 2>/dev/null || true
+docker network rm molecule-monorepo-net 2>/dev/null || true
+echo "  cleaned"
+
+echo "=== REBUILD ==="
+docker compose up -d --build
+echo "  platform + canvas up"
+
+echo "=== POST-REBUILD SETUP ==="
+bash scripts/post-rebuild-setup.sh
--- a/scripts/post-rebuild-setup.sh
+++ b/scripts/post-rebuild-setup.sh
@ -0,0 +1,44 @@
+#!/bin/bash
+# Post-rebuild setup — run after docker compose up -d --build
+# Inserts global secrets that the provisioner injects into every workspace container.
+# Without these, agents can't call MiniMax or push to GitHub.
+
+set -euo pipefail
+
+DB_CONTAINER="${DB_CONTAINER:-molecule-monorepo-postgres-1}"
+DB_USER="${DB_USER:-dev}"
+DB_NAME="${DB_NAME:-molecule}"
+PLATFORM_URL="${PLATFORM_URL:-http://127.0.0.1:8080}"
+ADMIN_TOKEN="${ADMIN_TOKEN:-***REDACTED***F1088-CREDENTIAL-3***=}"
+
+echo "=== Waiting for platform health ==="
+until curl -s --max-time 5 "$PLATFORM_URL/health" >/dev/null 2>&1; do
+    echo "  waiting..."
+    sleep 3
+done
+echo "  platform up"
+
+echo "=== Inserting global secrets ==="
+docker exec "$DB_CONTAINER" psql -U "$DB_USER" -d "$DB_NAME" -c "
+INSERT INTO global_secrets (key, encrypted_value, encryption_version) VALUES
+('ANTHROPIC_BASE_URL', 'https://api.minimax.io/anthropic', 0),
+('ANTHROPIC_AUTH_TOKEN', '${MINIMAX_API_KEY:-***REDACTED***F1088-CREDENTIAL-1***}', 0),
+('ANTHROPIC_MODEL', 'MiniMax-M2.7', 0),
+('ANTHROPIC_SMALL_FAST_MODEL', 'MiniMax-M2.7', 0),
+('API_TIMEOUT_MS', '3000000', 0),
+('CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC', '1', 0),
+('GITHUB_TOKEN', '${GITHUB_PAT:-***REDACTED***F1088-CREDENTIAL-2***}', 0)
+ON CONFLICT (key) DO UPDATE SET encrypted_value = EXCLUDED.encrypted_value;
+"
+echo "  7 global secrets set"
+
+echo "=== Importing org template ==="
+curl -s --max-time 600 -X POST "$PLATFORM_URL/org/import" \
+    -H "Authorization: Bearer $ADMIN_TOKEN" \
+    -H "Content-Type: application/json" \
+    -d '{"dir":"molecule-dev"}' | head -1
+echo ""
+echo "  import complete"
+
+echo "=== Done ==="
+echo "Run: http://127.0.0.1:3000 for canvas"